Detections
Analytics
GPON ONT Home Gateway Router is vulnerable to authenticated remote command execution (CVE-2018-10562)
critical Nessus Plugin ID 119777
Language:
Synopsis
The remote host is affected by an authenticated remote code execution vulnerability.Description
An issue was discovered in GPON ONT Home Gateway Router web administration interface. Remote Command Execution could be triggered by sending a HTTP POST request to 'GponForm/diag_Form' URI with malicious shell script added to dest_host parameter. Because the router saves ping and traceroute command execution results in /tmp and transmits them to the user when the user revisits /diag.html, it's possible to execute arbitrary commands and retrieve their output.This allows an attacker to fully control the target device.
Solution
Consult your vendor for a patch or a workaround.See Also
https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/
Plugin Details
Severity: Critical
ID: 119777
File Name: gpon_cve-2018-10562.nbin
Version: 1.92
Type: remote
Family: Web Servers
Published: 12/19/2018
Updated: 11/12/2024
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.0
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2018-10562
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:dasannetworks:gpon_router
Required KB Items: installed_sw/GPON HG
Exploit Available: true
Exploit Ease: Exploits are available
Exploited by Nessus: true
Vulnerability Publication Date: 5/3/2018
CISA Known Exploited Vulnerability Due Dates: 4/21/2022
Reference Information
CVE: CVE-2018-10562